Change search
ReferencesLink to record
Permanent link

Direct link
Modeling Security Risks at the System Design Stage: Alignment of Mal Activity Diagrams and SecureUML to the ISSRM Domain Model
Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, Department of Telematics.
2011 (English)MasteroppgaveStudent thesis
Abstract [en]

Security engineering is one of the important concerns during system development. It should be addressed throughout the whole system development process; however in many cases it is often dealt only during system development and maintenance. There are several security modeling languages (e.g, Misuse case, Secure Tropos) that help dealing with security risk management at the requirements stage. In this thesis, we are focusing on the modeling languages (e.g. Mal activity diagrams and SecureUML) that are used to design the system. More specifically we investigate how these languages support information systems security risks management (ISSRM). The outcome of this work is an alignment table between the Mal activity diagrams and SecureUML language constructs to the ISSRM domain model concepts. We ground our analysis and validate the received results on the number of illustrative examples. We hope that our results will help developers to understand how they can consider security risks at the system design stage. In addition we open the way for the interoperability between different modeling languages that are analysed using the same conceptual background, thus, potentially leading to the transformation between these modeling approaches.

Place, publisher, year, edition, pages
Institutt for datateknikk og informasjonsvitenskap , 2011. , 92 p.
Keyword [no]
ntnudaim:6369, MSSECMOB Master in Security and Mobile Computing
URN: urn:nbn:no:ntnu:diva-18336Local ID: ntnudaim:6369OAI: diva2:566044
Available from: 2012-11-08 Created: 2012-11-08 Last updated: 2013-06-23Bibliographically approved

Open Access in DiVA

fulltext(1406 kB)147 downloads
File information
File name FULLTEXT01.pdfFile size 1406 kBChecksum SHA-512
Type fulltextMimetype application/pdf
cover(47 kB)52 downloads
File information
File name COVER01.pdfFile size 47 kBChecksum SHA-512
Type coverMimetype application/pdf

By organisation
Department of Telematics

Search outside of DiVA

GoogleGoogle Scholar
Total: 147 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 62 hits
ReferencesLink to record
Permanent link

Direct link